Daniel Franke

@QuinnyPig Based on your last two tweets today (with x.com/QuinnyPig/stat…), I guess Amazon is bad at naming things, good at cache invalidation. How are they doing on off-by-one errors?

Jassy’s shareholder letter casually abbreviates Same Day Fulfillment Centers as “SSDs.” This is the man who named Amazon Q. He wasn’t promoted away from naming things. He was promoted into more things to name.

@travis4nh Strange thing to even accuse you of. What would you want to sell death sticks? Then you'd have fewer death sticks!

17/ "Selling death sticks"? That sounds pretty cool, but I assure you that that's not something I do. x.com/i/status/20420…

If you're gay in America, you get by law $20,000 per year in special benefits. If you're hetero, you are taxed to supply this special benefit.

@cremieuxrecueil Goodness, how strange! What could possibly have caused the greed levels of Big Egg to drop so precipitously?

Egg update: Somehow the prices are actually at a 10-year low now!

@NotNordgaren @esrtweet Nice. How heavily did you have to guide it?

@dfranke @esrtweet Yea, two weeks ago I had a 3 stage malware that Claude ripped apart. It ended with a VM protected sample and when the tools available to dump it didn't work, it made it's own tools.

@NotNordgaren @esrtweet Given how fast this is moving I could easily be out of date. Any specific anecdotes?

@dfranke @esrtweet I mean, I get good results on malware that is pretty well packed and obfuscated, now.

@esrtweet There's a big difference between the level of obfuscation you get from "compile, optimize, strip debug symbols" and the serious effort that malware authors go through to make detection and reverse engineering difficult. I don't think the latter has fallen to LLMs, yet.

@perrymetzger @robinhanson My most parsimonious theory is that Satoshi, whoever he was, is dead, and died suddenly of causes that were, if not natural, at least unrelated to his Bitcoin work, and none of his heirs know anything of it.

I avoid guessing. Pointing a finger at someone means that they have to spend the rest of their life worried that someone’s going to kidnap their family to get a ransom from a fortune that they don’t actually have. Also, whoever it was hasn’t caused any harm to the world, hasn’t even touched the balances under the control of their public keys, went through a lot of trouble to remain pseudonymous, and I don’t think that I should spend effort violating their desire for privacy.

I ran the cryptography mailing list. I know all of the people involved. I think it’s unlikely that Adam was Satoshi. He’s just the latest in a long line of people that various reporters have incorrectly claimed to have “definitively demonstrated” was Satoshi.

With apologies to Clarke and Dawe. INTERVIEWER: Thank you for joining us Senator Collins. Now this OpenBSD vulnerability that was revealed earlier today– COLLINS: The one where the kernel panicked? INTERVIEWER: Yes COLLINS: Yeah, it's not very typical, I'd like to make that point. INTERVIEWER: Well how is it untypical? COLLINS: There are a lot of these packets going around the world all the time and very seldom does anything like this happen. I don't want people thinking that C is not safe. INTERVIEWER: Was this C code safe? COLLINS: Well I was thinking more about the other ones. INTERVIEWER: The ones that are safe. COLLINS: Yeah, the ones that don't panic the kernel. INTERVIEWER: Well if this wasn't safe, why was it running at ring zero on millions of machines? COLLINS: Well I'm not saying it wasn't safe, it's just perhaps not quite as safe as some of the other ones. INTERVIEWER: Why? COLLINS: Well some of them are built so that they don't segfault at all. INTERVIEWER: Wasn't this built so it wouldn't segfault? COLLINS: Well obviously not. INTERVIEWER: How do you know? COLLINS: Well because a selective ACK block placed 2^31 bytes away from the receive window, causing an int comparison to overflow, so the kernel concluded the same byte was simultaneously above and below the acknowledged sequence number, deleted the only hole in its SACK list, appended to a null pointer, panicking the kernel and pulling down the entire machine. It's a bit of a giveaway, I just like to make the point that that is not normal. INTERVIEWER: Well what sort of standards is this C code written with? COLLINS: Oh very rigorous software engineering standards. INTERVIEWER: What sort of thing? COLLINS: Well it's not supposed to crash, for a start. INTERVIEWER: What other things? COLLINS: Well, there are regulations governing which functions you're allowed to call. INTERVIEWER: What regulations? COLLINS: Well, gets() is out. INTERVIEWER: And? COLLINS: No strcpy. No strcat. INTERVIEWER: sprintf? COLLINS: Look, sprintf is fine if you're careful. INTERVIEWER: Are people careful? COLLINS: For the most part. INTERVIEWER: What else? COLLINS: Code's gotta be in source control. There's a test suite. INTERVIEWER: What does it test for? COLLINS: That it compiles I suppose. INTERVIEWER: So the allegations that it's a dangerous language that does next to nothing to check whether code is doing what it's supposed to, that's ludicrous? COLLINS: Absolutely ludicrous. C is a serious production language. INTERVIEWER: Well what happened in this case? COLLINS: Well the kernel crashed in this case by all means but it's very unusual. INTERVIEWER: But Senator Collins, why did the kernel crash? COLLINS: Well it got a packet. INTERVIEWER: It got a packet? COLLINS: The kernel received a packet. INTERVIEWER: Is that unusual? COLLINS: Oh yeah. Online? Chance in a million! INTERVIEWER: So what do you do to protect the internet in cases like this? COLLINS: Well we patched the bug upstream. INTERVIEWER: …leaving other vulnerabilities no doubt unfixed. COLLINS: No no no the bug has been patched. You might need to deploy it but– INTERVIEWER: But this class of vulnerability– COLLINS: It's not a class of vulnerability, it's a one-off bug caused by programmer error. INTERVIEWER: Well what else is out there? COLLINS: Nothing's out there. INTERVIEWER: There must be something. COLLINS: There is nothing out there. All there is, is code, and programmers, and fixes. INTERVIEWER: And? COLLINS: And untold numbers of exploitable kernel-level exploits. INTERVIEWER: And what else? COLLINS: And a 27 year old integer overflow. INTERVIEWER: And anything else? COLLINS: And large private models at AI labs discovering more vulnerabilities in secret. But there's nothing else out there. INTERVIEWER: Senator Collins, thank you for joining us. COLLINS: It's a complete void. Nothing worth thinking about. Oh, we're out of time? Could you call me a cab? INTERVIEWER: But didn't you come in a self-driving car? COLLINS: Yeah I did but… INTERVIEWER: What happened? COLLINS: Well the kernel panicked.

@WatsonLadd The ceasefire agreement is that the US and Israel are ceasing fire, and Iran agrees that we are doing so.

So can someone explain to me how a ceasefire with the US can remove the rights of third parties to the freedom of the seas?

@cremieuxrecueil A solid majority of it is this. x.com/blenologic/sta…

Good scientific criticisms should be correct. This sounds obvious, but it is a shockingly high bar. Much of criticism is character insults, ignorant comments, and, unfortunately, a lot of lying. But if you want to do it right, you have to be correct!

@notjessewalker This style looks really familiar. Midjourney 4? I used to run it at 100 chaos using "wtf" as a prompt and got lots of stuff that looks like this.

Your morning image

@LinkofSunshine It isn't admitting a crime, it *is* the crime. There's nothing illegal about unilaterally deciding not to recruit from some other company. But this attempt to turn it into a reciprocal quid pro quo makes it collusion.

It’s always funny cause this email is from discovery in a lawsuit and it’s just him publically admitting a federal crime

@zooko @paulg That's entropy.

@paulg Maybe you can divide the right-hand column by the left-hand column to get something like “information communicated per effort”.

I had just been noticing today that Thai speakers seem to spend longer talking about things than I'd expect.

@MorlockP These things are surprisingly tough. These dogs routinely grind cow femurs to dust, but the horns are still intact after a day.

@MorlockP Azeban seeing those horns...

Setting up a second Etsy store to sell wool socks and other farm products. Details soon.

My hounds of war have heroically protected @MorlockP from a wild Icelandic ram.

@SM4Tech @rsnbrgr Black is in a tough spot, but can make a draw.

@rsnbrgr At the moment, I think that is blacks only move. Moreover, I think Black is only a few moves away from losing.

I stared at this wayyyyy too long on my 🚽

@rsnbrgr @csoandy The critical line is 1… Nxc5 2. Nxc5 Qxc5+ 3. Be3 and it looks like black is going to lose to Qxa6 on the next move. But black has another resource. Find it.

@dfranke @csoandy The queens are an even trade. You lose a N&P to take a N&R. But then the board looks messy... 🤷

Black to move. Would …Nxc5 be a blunder?

@csoandy Not as much as white likes his king.

@dfranke Do you like your rook?

@RGA This is Major Tom to tech support I’m clicking on the tab But it’s acting in a most peculiar way And the menu ribbon looks quite different today